"ryanr" Wrote:
You want your 8-bit smartcard to be able to communicate with your 64-bit desktop, don't you? If they're not using the same alg. & protocol, that won't work.

Does this really make sense? While it's arguable that an 8-bit smartcard might be limited to a single low-end algorithm designed for a small memory footprint, is it reasonable to assume that on the other end a 64-bit processor couldn't support the first algorithm as well? The point isn't to make an arbitrary separation where one encryption standard is used here, while another there -- thus forcing incompatibility where none need exist -- but to use the best software for a specific purpose.

All Bruce says on the matter is:
"Choosing a single algorithm (or even a pair of algorithms) for all these applications is not easy, but that's what we have to do. It might make more sense to have a family of algorithms, each tuned to a particular application, but there will be only one AES."

Which, at face value I can accept, but am still curious as to why. It looks like a political, not technical, decision... if so, is this appropriate?
He actually says that in the interview:
It might make more sense to have a family of algorithms, each tuned to a particular application,

he continues:
but there will be only one AES. And when AES becomes a standard, customers will want their encryption products to be "buzzword compliant." They'll demand it in hardware, in desktop computer software, on smart cards, in electronic-commerce terminals, and other places we never thought it would be used.

so, no, we don't need one algorithm to do everything. but there can only be one standard, and when there is, everyone will want to use that standard, even if it's not the best tool for the job. so they want to choose the standard that is as close as possible to being the best tool for all of these jobs.
Yep. They can't brute force your encrypted message, but they can look in your swap partition for fragments of your passphrase, or even the decrypted key itself. If you've ever typed your passphrase in a telnet session or on an X-server where the client was elsewhere on the network, etc. etc. etc.

They can also, if you've been using crypto in a crime (or if they accuse you of using crypto in a crime), create powerful incentives for you to give up the key.

Truth is, you should protect that passphrase like all get-out. You should keep your private keys on a CD-R and you should carry it with you. You should throw it on a fire when you are done with it. You should use gpg and pay attention to the secure memory features. Now you have a crypto system that is so difficult to use, it's very annoying. That's just as well. You'll only use it when you really need it. The less ciphertext made with a given key, the better.

The NSA is probably better at breaking things than you think because, as Bruce says, the weak links are not the crypto algorithms.
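
The "secure memory" feature the post points at in gpg is, at bottom, mlock(2) plus an explicit wipe: pin the buffer holding the passphrase or decrypted key so the kernel never pages it to swap, and overwrite it in place before freeing it. The block below is an added example, not code from the thread or from gpg; it assumes a POSIX libc reachable through ctypes, and it deliberately reports when mlock fails (EPERM or ENOMEM under RLIMIT_MEMLOCK is common), because a secret that silently failed to lock is exactly the case the post warns about.

```python
import ctypes
import ctypes.util
from typing import Optional

# Added example, not code from the thread or from gpg.  Assumes a POSIX libc
# that exports mlock/munlock; on Linux these can fail with EPERM/ENOMEM when
# RLIMIT_MEMLOCK is small, and the object records that instead of hiding it.


def _load_libc() -> Optional[ctypes.CDLL]:
    try:
        libc = ctypes.CDLL(ctypes.util.find_library("c") or None, use_errno=True)
        libc.mlock.argtypes = [ctypes.c_void_p, ctypes.c_size_t]
        libc.mlock.restype = ctypes.c_int
        libc.munlock.argtypes = [ctypes.c_void_p, ctypes.c_size_t]
        libc.munlock.restype = ctypes.c_int
        return libc
    except (OSError, AttributeError):
        return None


_LIBC = _load_libc()


class LockedSecret:
    """A fixed-size bytearray that is mlock()ed for its lifetime and zeroed in
    place by wipe().  In real use read the passphrase straight into .buf
    (e.g. with os.readv); a bytes object you pass in is an extra copy that
    Python frees but never zeroes, which is the swap-leak the post describes."""

    def __init__(self, size: int):
        if size <= 0:
            raise ValueError("size must be positive")
        self.buf = bytearray(size)
        self.size = size
        # ctypes view over the same memory, no copy; it also pins the length.
        self._view = (ctypes.c_char * size).from_buffer(self.buf)
        self._addr = ctypes.addressof(self._view)
        self.locked = False
        self.lock_errno = 0
        if _LIBC is not None:
            # mlock rounds to page boundaries, so the whole page is pinned.
            if _LIBC.mlock(self._addr, size) == 0:
                self.locked = True
            else:
                self.lock_errno = ctypes.get_errno()

    def fill(self, data: bytes) -> None:
        if len(data) > self.size:
            raise ValueError("secret larger than locked buffer")
        self.buf[:len(data)] = data  # same length: no resize, no reallocation

    def is_zeroed(self) -> bool:
        return not any(self.buf)

    def wipe(self) -> None:
        """Overwrite with memset (not a Python-level reassignment, which would
        leave the old bytes behind), then drop the lock."""
        ctypes.memset(self._addr, 0, self.size)
        if self.locked and _LIBC is not None:
            _LIBC.munlock(self._addr, self.size)
            self.locked = False

    def __enter__(self) -> "LockedSecret":
        return self

    def __exit__(self, *exc) -> bool:
        self.wipe()
        return False


if __name__ == "__main__":
    with LockedSecret(64) as s:
        s.fill(b"correct horse battery staple")  # constructed sample passphrase
        print("locked:", s.locked, "errno:", s.lock_errno)
    print("zeroed after wipe:", s.is_zeroed())
```

If `locked` comes back False, raise the limit (`ulimit -l`) or fail closed; do not carry on as if the buffer were protected. Note that the Python-level copies made by string handling before the bytes reach the buffer are outside this object's control, which is why the type is meant to be filled directly from the terminal read.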
I have to agree. Bruce's responses are spectacularly well thought out. I thought his answer to my (somewhat snotty, I'll admit) question covered the ground completely, and from angles I hadn't thought of.

I'm serene, now, about the quality of work embodied in the AES submissions, including (and especially) Twofish. We'll see what happens.

The Federation of American Scientists [fas.org] sponsors the Project on Government Secrecy [fas.org] that has done a lot of very good work aimed at shining some light on the problem. From their site,
"Through research, advocacy, and public education, the Project on Government Secrecy works to challenge excessive government secrecy and to promote public oversight. The Project supports journalists and fosters enhanced public awareness of secrecy issues through publication of the Secrecy Government Bulletin."
This group has sued the CIA in order to force them to disclose more information about their annual budgets. I think this is a very savvy strategy and it appears to be effective. FAS sponsors a lot of very worthy projects. Go ahead and /. 'em!
Since the FSF, Linus Torvalds and Alan Cox only distribute source code, and since tons of very smart people are studying that code in detail, their room to be sneaky is limited.

If I were the NSA, I wouldn't attempt to corrupt them. I'd get inside Red Hat and f*ck with the binaries they distribute. Who'd know? You may think that you can recompile from source and see if it matches the binaries, but what if they've messed with the compiler (along the lines of the famous Ken Thompson hack [acm.org])?

This topic has already been discussed to a brief extent here. [slashdot.org] Perhaps adaptive optics would be a good idea for a full slashdot topic?

I don't quite understand the equivalence of software pirates and the NSA. A software pirate is violating my property in an oblique way whereas someone monitoring my activities is violating my privacy in a direct way. It would be closer to the truth to equate the NSA to a credit bureau or internet ad agency or medical insurance company, which all have the potential of invading my privacy in a direct and consequential manner. I think it is right and proper that we curb the abilities of all powerful corporations, government agencies, and individuals from invasion of privacy.

The implementation of privacy controls is quite difficult once the data is collected and centralized, but there are large barriers and costs to collecting data, and presumably even if it is collected and centralized, there can be reasonable limits on its use.

On the collection side, we need to resist the efforts to force telecommunications companies to build in taps on digital communications. We need to resist the introduction of large scale video monitoring systems. It is not that these systems are ineffective in reducing crime, but that they cost too much in terms of loss of privacy for law abiding citizens and in terms of opportunity cost: the money could have gone to proven solutions for reducing crime such as economic development and education. Most such large scale systems have not been implemented yet, so we have some time to allocate those resources more effectively to meet the goals of security and privacy.

On the centralization side the largest danger is the merger and growth of large corporations, especially financial institutions, telecommunications corporations, and medical insurers, which have the power and desire to collect increasingly complete personal information. Unfortunately, much of this consolidation has already taken place. We are left with weak options for legislation and regulation. Much more than the government, the mega-corporation is the most immediate threat as a potential Big Brother, since their power transcends national borders and is largely closed to public review.

Unfortunately, opting out of such a system is more costly to me than the loss of privacy incurred by living in it. One can still live outside the system, even if that means leaving your nation of origin. I can only hold on to the glimmer of hope that with encryption, at least my private correspondence can be fairly private. I do not expect my financial or medical privacy to be well kept. But that should not discourage me from fighting for every last safeguard.
Your machine will probably be safe from a US$1e6 solution, after all, for US$1e6, I can break into your computer today (well ok, maybe next week, I'm kind of busy). This is true even if your computer is not connected to the network and has reasonably good physical and password security.

The real issue is not you at all, but large scale financial transactions. In 10 years I'd be surprised if less than US$1e12 in consumer transactions were conducted annually over the internet. If banks begin to use the internet for interbank transactions, that would probably be closer to US$1e14 per day. Now you can begin to see the advantages of spending a few billion to produce an encryption breaking machine. The money laundering applications alone (as opposed to direct stealing, which is more noticeable) are probably worth that.

So I wouldn't be too concerned about you just yet, unless you're hearing odd clicks on your phone already. But I'd be a bit worried about your bank.

Reportedly such systems are already in use at racetracks to screen customers from whom they will not accept bets. I just heard about this recently. I don't know enough about racetrack operations to understand why they wouldn't take bets from just anyone.
I had a long response citing Reflections on Trusting Trust [acm.org], the Ken Thompson article in which he describes trojaning the C compiler to trojan the C compiler to trojan login.c. But it vanished before my eyes (Damn you Microsoft...or was it the NSA...) So I'll try to be more brief.

In short, I don't think we need to worry about the source code generated by Linus, Alan et al. or even the asm for that matter. Peer review is great at picking out back doors. One should worry about every binary you installed on your computer and every binary that touched those binaries. Not to mention all the hardware. To be safe, I think one would have to boot the computer by hand (your computer does have a front panel with toggle switches, right?), toggle in a compiler that you completely understand, then use that to compile an open source compiler, then use that compiler to compile every piece of software on your system. Even then you'd be only sort of safe.
Um, yeah, transparency has some nice features. I want my mugger to get caught too.

The problem is, despite our wishes, everyone will be transparent, but most people will be blind :)

It costs money to get access to surveillance. The CIA, NSA, etc have money. They can watch us. I don't see a near future where we can watch them back.

So we'd be infinitely accountable for our actions, but they will not. People do scary shit when they aren't accountable. That's why we need to at least attempt to guard our own privacy as long as possible.

It is possible that soon, your average slashdot-reading geek will have access to surveillance, but it'll be a damn long time before the uneducated poor does. That's scary too.
on Friday October 29, 1999 @04:00PM (#1577002)

S.Ct. has stated one thing that will not change. A person *always* has a reasonable expectation of privacy in one's home. It is still the last bastion of privacy rights we have. I will *never* be willing to exchange that expectation for *any* so-called 'greater public interest.'

I'm going to be harsh against you poster and you Mr. Schneier. The notion that we should just accept privacy erosion as an inescapable inevitability is un-American, defeatist and cowardly. When I speak of privacy erosions, I am speaking strictly of those mandated by the government, *and not* the conflict that occurs when one private party's right to bodily and property integrity means an erosion of my personal privacy. Namely, shopowners have a right to surveil their private property. Parents have a right to surveil their home while the babysitter is there. In short, we have a right to spy on each other when we access each other's private property.

However, where the government fails us or intrudes upon us, harming us occurs in the following ways. First, it is not currently illegal for private parties to surveil another's private property. Peeping-Toms & Tinas are not prohibited from spying. This is a failure of the government to act in our interests. And the fact that they have so failed us is intentional. They want us to spy on each other because it gives them free labor. They would love to pat you on the back and say what a good citizen you are when you ratted out your neighbor based on 'your suspicions.' The fact that you have no actual proof or that you had no right to obtain that evidence against your neighbor is not relevant to the Executive. It seeks to gain as much power as it possibly can in an effort to gain informational advantage. Second, the state and federal Executive takes active steps to gain legal advantage over your informational world. It lobbies heavily in legislatures and exerts intimidating influence over corporations and researchers to maintain its advantage. The question is 'so what? What's the cost?'

You are the cost. You are the thing that must be overcome. You are the obstacle. We speak in generic terms about 'privacy' and 'public interest.' Let me put to you all in different terms. The inability to tell someone else to leave you alone if you wish it means that you are a subject in the other's reign. In old times, you could not have told the King 'no' to anything. We do have more ways to say 'no' now but only one really matters. The power to say 'no, go away' is the cornerstone of American ordered liberty. The ability to say openly 'you do not have the right' without being labelled a dissident is the essence of your communicative freedoms.

Freedom in this country is two-fold envisioned. First, freedom to manage your bodily integrity. It is physical control over yourself. The second is freedom to say what is on your mind in whatever meaningful way you choose. It is control over your own mind.

If you are satisfied to live without either of these rights, particularly the right to speak freely (i.e., the first right to go when the state takes over), then you would have loved Hitler's Germany, Franco's Spain, Mussolini's Italy, or Stalin's USSR. If you don't *know* in your heart of hearts that the Executive is the right wing branch of our three branch system (where the judicial is more left considering societal goods, and the legislative being centrist) then you do not have enough of an understanding of our system. The trend this century has been for the Executive to aggrandize rights at the expense of the other branches. We have seen the rise of Administrative agencies (the so-called fourth branch) where the Executive has expanded its scope and reach to an amazingly extreme degree. There has never in the history of the world been a more powerful organization than the American Executive Branch. If you don't fear it, you should. Congress and the courts have little effective controls over it. They do, at times, exercise some controls, but in comparison to the power wielded they are minimal. The adage, 'power corrupts,' does not just apply to individuals. It applies to organizations too.

Poster, you are wrong that we must fight the power. That is futile. Rather, collectively we must *take* individual powers. We must demand our controls. If there is technology that can shed privacy, then there is technology that can regain it. Information technology is not synonymous with transparency. That's merely the social trend. And one that I will not accept. I will take my controls from you and the government using the same technology that has adulterated it. Nor is privacy synonymous with dissidence. That is the propaganda from the powers that be.

I realize that there are practical realities and inevitabilities. But rather than acquiescence we should make the Founders proud, declare ourselves in a public state of emergency and put all our smartest people to the task of developing policies, technologies and laws that aggrandize power to the individual rather than to society or an organization that claims to be its representative.

This is long and there are typos, o well.

Tanenbaum still holds the record for
misspellings. How come nobody misspells
Torvalds?
I prefer to refer to the NSA as the Ministry of Love, or Miniluv if you like.
• #### Re:Satellite surveillance (Score:2)

OOPs: I meant 10 nanoradians. 575 nanodegrees. Blame my HP 15C.
I'm glad to hear the lack of privacy is lessening.
• #### Mistake in the quantum answer (Score:2)

I think Bruce made an error in his last answer: yes, a quantum computer would reduce the difficulty of forcing a key by a square root - but that applies for every qubit you build into the system. It's not the limit for any quantum computer.

Granted, these things decohere easily, and it's possible even a ten-qubit quantum computer will never be built. But it'd be dangerous to assume that...Chris [chrisworth.com]
• #### small correction (Score:1)

I believe the man's name is Bruce Schneier.
Not Schneir.
See his website. [counterpane.com]
• #### Humans as storage for crypto material (Score:1)

One method which Schneier did not mention for getting better security out of the amount of entropy you can remember is using a workload factor - apply a function which wastes CPU and possibly memory to the passphrase before using it as a key. You can probably spare 512k and 200ms any time you decrypt your private key for use, but it will make brute-forcing your passphrase much harder.

My question is - what function would you use? The trivial answer would be to run the hash function over and over again, but this is not necessarily a good idea: these functions would run very fast on a dedicated hardware cracker. I believe it may be better to use an algorithm which is known to be the most efficient solution for a certain problem (something from Knuth?), an algorithm which makes good use of the features of a general purpose CPU so an FPGA will not really be any faster.
Add a cryptographic hash function here and there just to make sure there are no shortcuts or invertible stages.

Any suggestions?

• #### The Public vs the NSA (Score:3)

on Friday October 29, 1999 @07:53AM (#1577012)
The discussion fairly early in the article about public/academic review vs. the focused efforts of the NSA reminded me quite a bit of the Thumb from the Hitchhiker's Guide -- half the scientists in the galaxy are trying to come up with new ways to jam the Thumb, while the other half are trying to come up with new ways to jam the jamming.

What really worries me about the NSA is the seeming lack of oversight. Their charter should protect me against them (I'm a US citizen, and no I don't care about the rest of you =) ). Does anyone really know what mechanisms exist to keep this agency in check? I mean, Echelon must intercept my email whenever I send a "whazup" to anyone overseas; how can I be sure that my privacy rights are being protected?

Hell, how can we be sure that this agency isn't involved in even deeper black ops? I've heard the NSA described as basically a think-tank for the other government agencies like the CIA, BATF and FBI, but is this really true? It seems rather ironic that I'm paying for someone to spy on me.

Of course, this is just a symptom of the government's larger problem: routinely keeping secrets from the people. There was probably a time when this really was in the interests of National Security, but in an era where newspaper articles are routinely stamped "Top Secret", it seems to me that this is no longer the case. Time to reform the system, but it won't happen 'cause Americans just don't care.

• #### Hrefs, in order.. (Score:5)

on Friday October 29, 1999 @08:32AM (#1577013)
Bruce's main site. [counterpane.com]
Information on Skipjack [counterpane.com]
Information on impossible-differential cryptanalysis [counterpane.com]
Information on attacks unknown to the NSA [counterpane.com]
About the Windows NSAKEY flap [counterpane.com]
Probable NSA backdoors [counterpane.com]
Information on the Blowfish algo [counterpane.com]
Information on the Twofish algo [counterpane.com]
Speed comparison of known algos [counterpane.com]
Speed comparison of the AES candidates [counterpane.com]
Summary of attacks on various algos [ii.uib.no]
Breaking crypto isn't the best way to beat security. Article 1 [counterpane.com] Article 2 [counterpane.com]
Information on the Solitaire algo [counterpane.com]
Information on the Yarrow algo [counterpane.com]
Importance of peer-reviewed crypto [counterpane.com]
Dismissal of cracking contests [counterpane.com]
You say you can't break it; well, who the hell are you?" [counterpane.com]
Twofish team's published papers [counterpane.com]
David Wagner's published papers [berkeley.edu]
So you wanna become a cryptographer? [counterpane.com]
Information on side-channel attacks [counterpane.com]
Information on power-analysis attacks [cryptography.com]
Article on Quantum computing [cryptome.org]
The problems with the public-key infrastructure [clark.net]
The problem with longer keys [counterpane.com]
l0phtcrack [l0pht.com]
Biometrics as keys? [counterpane.com]
• #### tech (Score:4)

on Friday October 29, 1999 @08:03AM (#1577014)
I've been using computers since I was 5 years old. History has taught me that while technology is a tool, and as such can be neither good nor evil, there is good and evil in the world. As such, the technology is used by both sides.

The SPA considers software piracy wrong. Federal law says it's illegal. It's also widespread, and I haven't found many geeks that care what's written in the books - the software is free, the risk is low, and the information is infinitely reproducible.

Is there any reason to think surveillance won't follow the same logic? We may tell the NSA and CIA and everybody else what they can and cannot do, but the technology will still be used. As a computer-user, I gave up on the legal system a long time ago - it's hopelessly out of date and broken. I'm sure many gov't agencies view this in a similar light.

We can pass all the laws and legislation and make all the fuss we want and strip away everybody's rights to try to enforce that... but you'll still wind up in the same position whether you do that or not. We must address the underlying issues here - one of which is accountability. If you want to invade my privacy, I can't stop you... but if you use that information against me, there needs to be a clear, defined, and enforced method of repayment for the damage you've caused. If the NSA spies on thousands of "innocent" people, they should be held directly accountable for that. The question is... how?

True direct democracy would solve a lot of these problems by replacing them with another set of problems. Your call.

• #### Possible with interferometry (Score:1)

Sometime in the far future, space-based telescopes in the visual spectrum range will be able to perform very long baseline interferometry.

This is an enormous technical undertaking, as it requires positioning a constellation of telescopes over hundreds, thousands, or tens of thousands of kilometers to within nanometers of accuracy.

Difficult, but not impossible. NASA is going to build and fly several missions in the next ten years to develop the concept. Flying satellites in formation, laser metrology (measuring distances to the nanometer), and ultimately, building a nulling interferometer that can image planets around distant stars.

There is nothing in the laws of physics that prevents the Hollywood fantasy of spy sats from eventually becoming true. Atmospheric haze can be fixed by interferometry, maximum-likelihood-estimation style techniques, and the super-resolution methods.

• #### Satellite surveillance (Score:3)

on Friday October 29, 1999 @08:11AM (#1577016)
This was a very interesting and enjoyable session. Thanks /. and Schneier. I am none the less compelled to object to one small statement in the otherwise interesting discussion of privacy. Satellite cameras cannot and probably never will be able to read your wristwatch from orbit (unless you are standing on a celestial body like the moon). Even if you could overcome the basic optics problems (resolution of 1 mm at a distance of 100 km is about 575 nanoradians) you still have the atmosphere to contend with. Contrast Hubble Space Telescope imagery with comparable telescopes located on the Earth. Astronomers are planning clusters of widely spaced, (possibly adaptive optics) mirrors to reproduce or exceed Hubble capabilities on Earth, but it would be challenging to say the least to do this in orbit... I think your watch or even your PalmPilot display is safe from orbital surveillance for the foreseeable future.
• #### Fantastic! (Score:3)

on Friday October 29, 1999 @08:41AM (#1577017)
I think this has got to be the best interview /. has yet done. While brief and amusing answers are fun and keep one amused for a time while reading them (like the cDc interview) Bruce's long and thoughtful answers have much more brain food in them and will keep me thinking for quite some time.

I love all the links he's included in the text as well. It's not only long and well-thought-out but he even has more stuff to say about a lot of these topics!

I would like to know who holds copyright on this text (/., Bruce, Andover?) and if they would be willing to allow us to reproduce portions of this interview as long as we maintain the original source?

Specifically, I'd love to have Bruce's answer to Tet's question on privacy made up into a poster I could hang up above my computers and printed out in pamphlets I could just hand to people whenever I try to explain my views on privacy; Bruce just does it so much better than I've ever been able to and having a wonderfully detailed and well-argued statement like that might keep people from just seeing me as "one of those privacy kooks. He must have something to hide to be so pro-privacy. I bet he watches X-Files all the time and cheers for Mulder any time he proposes another government sponsored conspiracy theory." No, I just value my privacy and I'm more and more frightened every day at how industry and government continue to chip away at it and how the majority of the rest of the public just doesn't see a problem.

• #### Re:*** NEW UNBREAKABLE CRYPTO ALGORITHM *** (Score:1)

Umm..Ok, I'll feed the troll..

Now, keep in mind that linear algebra was difficult for me, and I've repressed most of it. :)

2) What's a Norman Transform?

3) Clarify "join" in this case. Is M going to be invertible in every case?

4) What's a Gery-Sinner transform?

Do you have any program code for an example? How about a walkthrough of one round w/example data and key?

This alg. doesn't actually do anything, does it?

What's the decrypt process? (same?)
• #### Re:Humans as storage for crypto material (Score:1)

You may wish to see how FreeBSD hacks MD5 to be an excellent slow password hash, or how OpenBSD makes an efficient hash out of Blowfish.

- Sam

• #### wmnetselect (Score:1)

wmnetselect [att.net] is an applet that sits in your dock/panel/whatever. Select text in any X app and middle-click on the wmnetselect icon, and Netscape will go to that URL. It's designed for WindowMaker, but works in other environments as well.
• #### Re:tech (Score:1)

The thing is, transparency does not have to be bad. Transparency makes people accountable for their actions. It means that people will once again have to take responsibility for what they do. In my opinion, adults not taking responsibility for the effects of their own actions (be it through the American legal system or European welfare states) is one of the biggest problems with today's society.

Too bad transparency really only works on those of us *in* the system. The people who commit the most crimes don't have credit cards, don't have checking accounts, or a perm address. So how am I going to be protected in this new world of transparency?

Will the cops pull all the video footage from store cameras when my car gets stolen to find where it goes? Nope.

If there is an arrest warrant out for me will my location be tracked via my Credit Card purchases? Yep. You don't have to do anything bad to have a warrant out either. Forgetting to pay a speeding ticket or having the Police forget you paid a speeding ticket will get you arrested.

Transparency only helps keep the sheeple in line; too bad we are the sheeple.

Later,
MarkV.
• #### Use salt! (Score:1)

To prevent a precomputation attack all you need is a small salt value per user.
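
Putting the three posts together (the "workload factor" question, the FreeBSD MD5-crypt / OpenBSD Blowfish-based hash pointer, and the salt remark): what the question describes is now called key stretching, and the answer to the FPGA objection is to make the function memory-hard rather than merely slow. The block below is an added example, not code from the thread or from either BSD; it uses the PBKDF2 and scrypt routines in Python's hashlib (scrypt is the memory-hard one, and is skipped if the underlying OpenSSL lacks it), and the storage format, field separator and iteration count are assumptions for the demonstration.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Added example, not code from the thread or from FreeBSD/OpenBSD.  The
# record format "pbkdf2-sha256$iterations$salt$key" is an assumption made
# here for the demonstration.


def stretch_key(passphrase: bytes, salt: bytes, iterations: int,
                length: int = 32, hash_name: str = "sha256") -> bytes:
    """PBKDF2: iterate an HMAC.  Each guess costs the attacker `iterations`
    HMACs instead of one.  This is the "run the hash over and over" answer
    the question distrusts: it parallelises well on an FPGA, but it is
    still a linear multiplier on the attacker's work."""
    return hashlib.pbkdf2_hmac(hash_name, passphrase, salt, iterations, dklen=length)


def memory_hard_key(passphrase: bytes, salt: bytes, log2_n: int = 14,
                    length: int = 32) -> Optional[bytes]:
    """scrypt: the memory-hard answer to dedicated hardware.  One evaluation
    needs about 128 * r * N bytes (16 MiB for N=2**14, r=8), so a cheap
    cracker cannot keep thousands of guesses in flight at once.  Returns
    None when the linked OpenSSL does not provide scrypt."""
    if not hasattr(hashlib, "scrypt"):
        return None
    return hashlib.scrypt(passphrase, salt=salt, n=1 << log2_n, r=8, p=1,
                          maxmem=64 * 1024 * 1024, dklen=length)


def new_salt(nbytes: int = 16) -> bytes:
    """A per-user random salt: two users with the same passphrase get different
    keys, and a table precomputed for one salt is useless for any other."""
    return os.urandom(nbytes)


def calibrate(target_seconds: float = 0.2, hash_name: str = "sha256") -> int:
    """Pick an iteration count that costs about `target_seconds` on this CPU,
    which is the "spare 200ms" budget the question proposes."""
    iterations = 10_000
    while True:
        start = time.perf_counter()
        hashlib.pbkdf2_hmac(hash_name, b"calibration", b"\x00" * 16, iterations)
        elapsed = time.perf_counter() - start
        if elapsed >= target_seconds or iterations >= 10_000_000:
            return iterations
        # grow toward the target, at most 4x per step to avoid overshooting
        iterations = int(iterations * min(4.0, target_seconds / max(elapsed, 1e-6)))


def attacker_guesses_per_second(iterations: int, raw_hmacs_per_second: float) -> float:
    """Raw HMAC throughput of a cracker divided by the stretching factor."""
    return raw_hmacs_per_second / iterations


def make_record(passphrase: bytes, iterations: int) -> str:
    salt = new_salt()
    key = stretch_key(passphrase, salt, iterations)
    return "pbkdf2-sha256${}${}${}".format(iterations, salt.hex(), key.hex())


def verify_record(passphrase: bytes, record: str) -> bool:
    scheme, iterations, salt_hex, key_hex = record.split("$")
    if scheme != "pbkdf2-sha256":
        raise ValueError("unknown scheme: " + scheme)
    candidate = stretch_key(passphrase, bytes.fromhex(salt_hex), int(iterations))
    # constant-time comparison so the check itself leaks nothing
    return hmac.compare_digest(candidate, bytes.fromhex(key_hex))


if __name__ == "__main__":
    iters = calibrate(0.2)
    rec = make_record(b"correct horse battery staple", iters)  # constructed sample
    print(iters, "iterations;", rec)
    print("verify:", verify_record(b"correct horse battery staple", rec))
    # A cracker doing 1e9 raw HMAC-SHA256/s is cut to this many guesses/s:
    print("attacker guesses/s:", attacker_guesses_per_second(iters, 1e9))
```

The iteration count is stored with the record so it can be raised later without breaking old entries, and the salt means an attacker must redo the whole stretch for every user rather than once for everybody. For a private-key passphrase the same derivation works, with the salt stored alongside the encrypted key.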

• #### Speaking of crypto algorithms (Score:2)

How should people publish them to the world? Just post them to /.? Ah heck, here is one to play with...

Let me start with a really bad algorithm. Take a fixed buffer of random data, and xor it with your data stream, reusing data as you go. What is wrong with this? Well if you xor the result with itself shifted by the period your key drops out and you just have plain-text xored with plaintext, which can easily be attacked (try xoring sections with common words), and with each piece you attack you can extract some key, extracting other text and before long... voila! (There are techniques to identify the length...)

OK, so let us be a bit smarter. Have 2 buffers of different lengths! Well OK, a little harder since you have made the effective period in the above longer, but you can attack it as before or you can use the non-random nature of your "longer" key to attack it as well. 2 implementations of a bad idea is still bad.

But wait! Look at the stream. It is quite easy to have 1 stream of data encode 3. All that you do is have a protocol that sends a header saying which stream is getting the next x characters, then send the block, then send the next header. So the sender can send 3 streams of data, one of which is information on how to replace your first cipher, the second containing information on how to replace the other, and the third being your actual data. The actual placements of headers and choices of sizes of data are random so an attacker has no idea what is data and what are actual keys.

(Clearly this is only usable for an ongoing stream of information where you have large amounts of random data available, RAM is not an issue, and bandwidth is not very important to you.)

So my question is how you can attack this algorithm? Where would you start?

And if it is hard to break, how do the replacement rates in the two buffers correlate with the minimum amount of plaintext sent to crack it?

Ben_tilly/at/hotmail(dot)com
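
The attack the post sketches for the "really bad algorithm" (XOR the ciphertext with itself shifted by the period so the key drops out, find the period, then recover the key piece by piece) is short enough to carry through. The block below is an added example, not code from the post; the key and the English plaintext are constructed for the demonstration. It finds the period by counting coincidences between the ciphertext and shifted copies of itself, then treats each column as a single-byte XOR and scores the 256 candidates for looking like English. The two-buffer variant falls to the same code with the period equal to the least common multiple of the two buffer lengths, which is why the post's second idea buys only a longer period.

```python
from typing import List

# Added example, not code from the post.  Key and plaintext are constructed.
KEY = b"Yarrow"  # the "fixed buffer of random data", reused every 6 bytes

PLAINTEXT = (
    b"The repeating buffer that the post describes is a Vigenere cipher on "
    b"bytes. Every byte of the key is reused after a fixed period, so two "
    b"ciphertext bytes that sit one period apart were masked with the same "
    b"key byte. Exclusive or is its own inverse, which means that combining "
    b"the ciphertext with a copy of itself shifted by the period removes the "
    b"key entirely and leaves plaintext combined with plaintext. English text "
    b"is far from random, and that residue is enough to recover the message "
    b"one column at a time, which is why a short random key that is reused is "
    b"no better than a classical polyalphabetic substitution and should never "
    b"be mistaken for a one time pad."
)


def xor_with_key(data: bytes, key: bytes) -> bytes:
    """Encrypt or decrypt: XOR each byte with the key byte at position mod len(key)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def key_drops_out(ciphertext: bytes, shift: int) -> bytes:
    """ct XOR (ct shifted by one period) == pt XOR (pt shifted by one period):
    the key cancels, which is the post's observation."""
    return bytes(a ^ b for a, b in zip(ciphertext, ciphertext[shift:]))


def coincidence_rate(ciphertext: bytes, shift: int) -> float:
    """Fraction of positions where ct[i] == ct[i+shift].  At multiples of the
    period this is the index of coincidence of English (roughly 0.06 with
    spaces); at other shifts it is close to random (around 0.01)."""
    matches = sum(1 for a, b in zip(ciphertext, ciphertext[shift:]) if a == b)
    return matches / (len(ciphertext) - shift)


def guess_period(ciphertext: bytes, max_period: int = 40) -> int:
    """Shifts with a high coincidence rate are multiples of the period; return
    the largest divisor that accounts for nearly all of them."""
    rates = {p: coincidence_rate(ciphertext, p) for p in range(1, max_period + 1)}
    ordered = sorted(rates.values())
    background = ordered[len(ordered) // 2]  # median: what a wrong shift looks like
    cutoff = background + 0.35 * (ordered[-1] - background)
    high = [p for p, r in rates.items() if r >= cutoff]
    for d in range(max_period, 0, -1):
        if sum(1 for p in high if p % d == 0) >= 0.75 * len(high):
            return d
    return 1


def english_score(data: bytes) -> int:
    """Crude plaintext likelihood: reward lowercase and spaces, tolerate other
    printable ASCII, punish control and high bytes."""
    score = 0
    for b in data:
        if b == 0x20 or 0x61 <= b <= 0x7A:
            score += 2
        elif 0x41 <= b <= 0x5A:
            score += 1
        elif 0x20 < b < 0x7F or b in (0x09, 0x0A, 0x0D):
            score += 0
        else:
            score -= 10
    return score


def recover_key(ciphertext: bytes, period: int) -> bytes:
    """Each column ct[j::period] is a single-byte XOR: try all 256 key bytes."""
    key: List[int] = []
    for j in range(period):
        column = ciphertext[j::period]
        key.append(max(range(256),
                       key=lambda k: english_score(bytes(c ^ k for c in column))))
    return bytes(key)


def break_repeating_xor(ciphertext: bytes) -> bytes:
    return recover_key(ciphertext, guess_period(ciphertext))


if __name__ == "__main__":
    ct = xor_with_key(PLAINTEXT, KEY)
    k = break_repeating_xor(ct)
    print("period:", guess_period(ct), "key:", k)
    print(xor_with_key(ct, k).decode())
```

The amount of ciphertext needed scales with the period: each column must be long enough for the English-ness score to separate the right key byte from the 255 wrong ones, a few dozen bytes per column in practice. That is the quantity the post's last question is asking about: a buffer replaced before its column has accumulated that much text is the only thing that slows this attack down, and the replacement stream itself is then the new target.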
• #### Re:Encryption re: best hacks (Score:1)

After reading this post on Cryptography, combined with the earlier posts on the Best hacks, where someone placed a backdoor into the login.c in Unix, I am wondering about the security of Linux and whether there could be backdoors floating around inside the kernel code, init.d or whatever.

The answer is, strictly speaking, "yes, there could be backdoors in init.d, login.c, ftpd, etc."

However, one of the traditionally-acknowledged strengths of open source software over proprietary software is that bugs or backdoors can more easily be detected, reported, and fixed -- be it by the code maintainer, a third-party vendor (Red Hat, Caldera, etc.) or one of the end users themselves. With proprietary software, you are on the vendor's schedule as to when (or even if) a bug is corrected or a backdoor closed.

The rest of your question is, therefore, moot; even if Alan Cox or Linus Torvalds have a secret plan to backdoor or booby-trap the Linux kernel source, there are too many people banging away at it on a regular basis for it to go undetected.

Jay (=
• #### Re:Fantastic! (Score:2)

It's Bruce's copyrighted material, unless he made some sort of arrangement. As the bottom of the page says:

"You can't shake the Devil's hand and say you're only kidding."

• #### Re:Who cares? (Score:3)

on Friday October 29, 1999 @11:30AM (#1577027)
Well, uhh, those of us who are posting, obviously. (not you.)

Bruce is fairly famous, in the appropriate circles. The general public doesn't know even the most famous cryptographers. If you're concerned about Bruce's fame, wait a little while and watch his new company. If it takes off like I expect it might, he'll be famous enough.

There's a worse problem with your assertion, though. Bruce is a very interesting guy, and a good speaker. He rarely gives an answer (in this type of situation) with any math or technical details in it. In other words, he does a good job of giving answers that everyone can read and understand. Did you read his answers?

I suspect the relatively small number of replies so far (for Slashdot) are due to the fact that Bruce often leaves little to refute, and that he answers very matter-of-factly, leaving little room for "religious" debate.
• #### Re:Satellite surveillance (Score:3)

on Friday October 29, 1999 @11:32AM (#1577028) Homepage Journal
Actually, the most advanced ground based telescopes will probably beat the Hubble in resolution, if they haven't already. They combine larger apertures (resolution is a linear function of aperture) and adaptive optics.

There's a guy at Boston's Museum of Science who can take pictures of the Shuttle [eu.org] or satellites in broad daylight with a slightly modified closed circuit security camera on a 12 inch reflector.

Throw in a billion bucks for better CCDs, larger and adaptive optics and better image processing software and if they can't read your watch from space they can probably read your sundial.
• #### Re:Speaking of crypto algorithms (Score:4)

on Friday October 29, 1999 @11:44AM (#1577032) Homepage Journal
Occasionally, I browse sci.crypt, and I see a fair number of algorithms posted there. I also see some "breaks" for them posted. So, there's one possible place.

I've seen a number of cryptographers say they don't have a lot of time, and no, they won't break your algorithm for you. Well, not unless you pay them. Bruce is one of those.

However, I've seen posts where they've broken someone's alg. in the time it took to read it, and they sometimes reply.

Here's something I've had in mind for some time: An Internet-based crypto club, where rank amateurs could post their own algs., and break those of others. Sci.crypt does that to some degree. Something that is more explicitly for creating & breaking would be appropriate, though. I don't have time to run such a thing, but I'd like to participate casually. I imagine that there could be a built-in prestige system that tracks how long particular algs. take to break, etc..

It could also possibly attract better cryptographers as well. If there is a ranking system, then that could act as filter for the real cryptographers. For example, if a particular alg. has "survived" for 6 months, it could be ranked as "good" for the crypto club, and then a real cryptographer could come along and dash the author's hopes.
• #### Re:tech (Score:1)

It's possible in the US, right now, to collect money from all of the parents who owe child support and alimony, but we don't. Owe the IRS 5 bucks and you will have your checking account frozen until the IRS is paid.

It's not going to change. I guess I'm just a pessimistic American. Will moving to Sweden restore my faith in Gov't? If so, lemme know. :>

Later,
MarkV.
• #### Re:Satellite surveillance (Score:1)

A professor of mine for my signals and systems class at Purdue University, told us about this. The basic idea (if I mess it up blame me not my professor or Purdue) is to build a black box that undoes the atmospheric distortion.

In order to do this one needs to know what the image "should" look like without atmospheric distortion. Then through some sort of magic build a filter that when applied to the dirty, distorted image returns it to the original. The basic premise is that the atmospheric distortion is an invertible system and that we can build a second system that does the inverting.

The biggest problem with this approach was how the heck do you figure out what things are supposed to really look like? If I remember correctly, there were a few stars that they could use as points of data to build the "black box." The breakthrough for this came when some department of defense guys got involved with their work. The final system (being built? already built?) was to shine a laser at one point in the sky that would excite cesium atoms. There is a layer of cesium atoms around the earth's atmosphere. We know what the excited cesium ions are supposed to look like. Move the laser around the sky, and voila, you can build a black box that will "undo" the atmospheric distortion across the whole sky.

I would love to hear from anyone who can add more to this or correct me where I was mistaken. Does anyone know how well this works? It seems like the system is not completely invertible. Some data must be lost, but how much? Also I believe they were applying this technology to a telescope in Hawaii.
• #### Re:tech (Score:1)

Some readers of your post may not live in America (I don't) and may not have the luxury of a government they feel they can trust, nor the luxury of free elections. A significant number of your countrymen do not share your confidence that the government works in their best interests.

For such people, particularly those battling an oppressive regime from within (Iran? East Timor until recently, etc. etc.), privacy may be literally a matter of life and death.

You are privileged to live in America. Just try to avoid assuming everyone else on the Internet does too.
• #### Re:tech (does not remove my expectations) (Score:1)

by Anonymous Coward
"If you don't *know* in your heart of hearts that the Executive is the right wing branch of our three branch system (where the judicial is more left considering societal goods, and the legislative being centrist) then you do not have enough of an understanding of our system."

If you don't *know* that "right", "left", and "centrist" are meaningless political terms, then you do not have enough understanding of the English language as it relates to contemporary politics. This is more a slam on the last part of your comment: "then you do not have enough of an understanding of our system".

At best, "right" is a pro-establishment term applying to both religious and non-religious support of republics, democracies, monarchies, dictatorships, oligarchies, etc, - whichever is in power. OTOH, "left" tends to be an anti-establishment term applicable to communists and libertarians (among many, many, other groups as well). AFAIK, "centrist" means that one will do and say anything to keep or get power - although best implemented by not actually appearing to do such unless you do it so well *cough* Clinton *cough* that nobody gives a shit.

Bottom line, no one term - left, right, centrist - meaningfully conveys any information that is not relevant to a specific issue at a specific time and in a specific place (even then it does so poorly). Just as cryptography obscures data, fuzzy political terms make rational political discourse more obscure. It is at the point that 95%+ of all people shouldn't even watch/read political news or vote, until properly educated in all political schools of thought and terminology. People shouldn't vote anyways - nobody has a right to tell me what to do, not in whole, not in part, not alone, and not in groups.

Anonymous because I'm lazy, cowardly because I'm smart. Posting twice 'cause I'm careless.
• #### Re:That's Schneier. (Score:1)

For those wondering what this is about: in the original posting Schneier was spelled Schneir. Roblimo seems to have corrected that already, though.

• #### AES hardware/software requirements (Score:2)

In the interview where Bruce Schneier lists the various hardware and software requirements for AES, that it both work in very small 8-bit low RAM environments along with higher end equipment; that it stream well for desktop video on demand; that it parallelize well across many devices; that it fit in specialized embedded cryptographic hardware in few gates, etc etc etc... I ask:

Why do we need one algorithm for all these functions? Beyond political constraints of the AES selection process, wouldn't it make more sense to choose two, or possibly several, candidates each suited for different purposes?

Can anyone answer this rationally? Thanks....
• #### Re:tech (Score:4)

on Friday October 29, 1999 @09:20AM (#1577042)
The only real problem here is one of denial. I don't think that the loss of privacy is a problem, because there is nothing we can do about it. If anything, we need to face up to it.

Transparency is coming, like it, hate it, deny it, or embrace it. I don't think that the Sun dude is right, because in saying that we have already lost the war he makes it sound like it won't get much ~worse~. It will.

The thing is, transparency does not have to be bad. Transparency makes people accountable for their actions. It means that people will once again have to take responsibility for what they do. In my opinion, adults not taking responsibility for the effects of their own actions (be it through the American legal system or European welfare states) is one of the biggest problems with today's society.

If you are constantly broadcast on the Net, you are never alone. This has its vices, but it also has amazing virtues. Schneier notes that the telephones giving away their positions is for security reasons. And if you consider it, it does mean an amazing boost for safety to have a phone that can help rescue services find you. Store cameras, street cameras, home cameras all make your world safer. If you are walking around constantly webcasting everything you see, then you are never going to be alone in a dark alley again. Sure, there are people dumb enough to attack you even if it means putting their face on the web: but a hell of a lot fewer than if it doesn't.

The loss of privacy is a double bladed sword: It could topple us towards the true idealized global village, or towards Orwellian inferno. What we have to do is make sure we choose the right side.

Passing more laws to give more power to the state to restrict people's freedoms is not the right side. I don't care if the intentions are good, it's a misguided idea.

If you ask me, what makes the Orwellian world a hell is not the lack of privacy, but the combination of POWER and transparency. To fight the transparency is as futile as fighting the piracy, the drugs, or the gene technology. You can't kill ideas. But we can fight the power. For too long we have been imagining that we have found the perfect balance between totalitarian power and freedom, and have stood still at it. Well now technology is catching up with us. Transparency makes the governments that were designed to protect us our greatest enemies, while it at the same time weakens all the threats the power was established to protect us from. It's time to start moving.

I'm sick and I'm rambling. This probably made no sense. He :-)

/. is like a steer's horns, a point here, a point there and a lot of bull in between.
• #### Re:Possible with interferometry (Score:1)

Sometime in the far future, space-based telescopes in the visual spectrum range will be able to perform very long baseline interferometry.

I didn't think about that, thanks for bringing it up. Very exciting, and not that far in the future. Might even be relevant to cryptography (which is what we're supposed to be talking about, sorry moderators, my fault).

There is nothing in the laws of physics that prevents the Hollywood fantasy of spy sats from eventually becoming true.

No, of course not, but that is like saying celestial mechanics is an exact science -- all you have to do is compute the effect of all the mass in the universe and its exact location at any time...

Atmospheric haze can be fixed by interferometry, maximum-likelihood-estimation style techniques, and the super-resolution methods.

Ok, you lost me there. I follow what you're saying about interferometry, but MLE techniques? Do you mean something like principal component or EOF analysis? And just what are the super-resolution methods? Spatial resolution, or spectral? Could be a translation thing, but these terms are not familiar to me in any context related to atmospheric optics for the purpose of remote sensing (can you guess what I do for a living?). So my curiosity is piqued (and my BS detection bit is set). I'd like to hear more. Cheers
• #### Re:That's Schneier. (Score:1)

No one misspells Torvalds because Swedish is such a lovely, logical language that it leaves no room for misspelling. Except when I'm writing.

/me waits patiently for the first American to say "You mean Finish"...

/. is like a steer's horns, a point here, a point there and a lot of bull in between.
• #### Re:AES hardware/software requirements (Score:2)

You want your 8-bit smartcard to be able to communicate with your 64-bit desktop, don't you? If they're not using the same alg. & protocol, that won't work.
• #### two way street (Score:1)

If the NSA spies on thousands of "innocent" people, they should be held directly accountable for that. The question is... how?

I think it is interesting that you think the NSA should be held directly accountable but that software pirates shouldn't. You are in essence claiming that government should be held to a higher moral standard than the people it governs. Yet we are in a government of the people and by the people - making it difficult to reconcile a moral government with an immoral people. Not to mention many people have a tough time swallowing it when people apply double standards of morality.

Think how outraged your average person feels when Senator So-And-So says that adultery is immoral and then is found to have had a 12-year affair. Aren't the people at the NSA going to feel essentially the same way when the people of the US say "you have to play by the rules but we don't"?

I'm not saying that government shouldn't be held to a higher standard -- they have more power than the average person. But I think you are going to have a hell of a time implementing it. I don't think true direct democracy would solve anything -- especially with the historically low voter turnouts in most republican nations; I think republican governments tend to moderate the power of swing voting blocks, which is a good thing.
• #### Re:The Public vs the NSA (Score:1)

by Anonymous Coward
From recent disclosures in the media, it appears that NSA, the National Reconnaissance Office, et al do not spy on Americans. They get our allies to do it for us--probably from downloads from an American satellite. E.g., it appears the Canadians take the satellite intercepts from North America and analyze them. They may or may not spy on their own, but information on US citizens they exchange with the US government and vice versa. A Canadian with a conscience broke this story, and he had credible credentials (this was on one of the US network news magazines recently). There are suggestions that this goes on with our NATO allies as well: we tell the Germans "We heard Hans Schmidt plotting something that may be bad and you should know about" and they reply "Danke schon, und by the way we overheard John Smith talking about something suspicious." Nobody has to break their own laws against spying on their own citizens. And it all seems to come from sharing US satellite data, i.e., the Canadians probably don't have any KH-13's in orbit. Ditto, the Brits and the Germans (two other nations that have been mentioned).

Echelon is probably just the information exchange agreement underlying all this--it's a cutout mechanism to prevent charges of domestic spying as much as it is an effort to monitor every emission on the planet (to the limit of available resources). We spy on our friends and they do the same favor for us.
• #### *** NEW UNBREAKABLE CRYPTO ALGORITHM *** (Score:1)

1. XOR each byte with the next, and the last one with the first.

2. For each byte A, compute the Norman Transformation with all other bytes in the message and save the results in a vector.

3. Join all vectors you got for each byte into a matrix M and invert M using a rational integer type.

4. Create a vector K filled with the key repeated through a Gery-Sinner Transformation.

5. Make C = M * K.

6. XOR each byte of C with the next, and the last one with the first, 2 times.

7. Repeat 2 to 6 for 7 more times.

• #### Re:Satellite surveillance (Score:1)

I don't know if satellites can read your watch, but I have worked with optics that could pick up the dashboard lights of an aircraft six miles out, and that was pre 1993.

• #### Re:Satellite surveillance (Score:1)

You are assuming a single image. Many blurry images of the same object can be combined to make a single clear image. The information is all there, it is just scattered across the set of images. Anyway, reading a wristwatch still strikes me as a bit of an exaggeration though.

-Derek
• #### Re:tech (Score:1)

A lot of people think this way; in a way even Schneier is guilty of it when he says we can learn a 30 character passcode but most people can't be expected to.

Here is a clue:

We are the future.

We may be the early adopters of the technology, but you bet your ass everybody will be doing it soon enough. Contrary to what one might think when watching daytime TV, society is not getting dumber as a whole. Here in Sweden the guy who mugs you is likely to have a mobile phone on him. In two years he is likely to have a WAP phone/PDA. In five years it is likely to be permanently connected to the net. Etc.

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.
• #### Re:tech (Score:1)

True, but the fact is that 99% of the time the police are not there to actively watch over you either. As individuals criminals are irrational, but on a whole crime is pretty rational. The reason I can walk my dog at night here without getting mugged and killed is not that there are police everywhere, but because you're sure enough to get caught to make getting my $4 of pocket change not worth it. In some areas this is obviously not the case (well, my dog is rather large, so...)

Violence will obviously be needed to fight violence. But as the technology protecting me gets smarter, the authority of the violence protecting me can, and will, get weaker.

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.
• #### Re:Encryption re: best hacks (Score:1)

Part of it has to do with open source.
If you don't trust it look at the source.

There are also many other people looking at the source. This is similar to what was said in the interview. Don't trust anything until it has been thoroughly reviewed by people you put some faith into.

On the other hand, hiding the true functionality of sections of the source via subtle repeated manipulations from vastly differing sections of the code may be very difficult to discover. I have no idea as to the feasibility of designing such a system. (although I believe Microsoft has)

• #### Re:*** NEW UNBREAKABLE CRYPTO ALGORITHM *** (Score:2)

Doubtful.

*** OLD UNBREAKABLE CRYPTO ALGORITHM ***
One time pad. See "Applied Cryptography" for more detail.
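The one-time pad the reply points to, as an added example in Python (not code from the thread or from Applied Cryptography), together with the three conditions that make it unbreakable in practice: the pad comes from a true random source, is at least as long as the message, and is never used twice. The `PadStore` class and the function names are my own; `pad_reuse_cancels` exists only to show why the "one-time" condition is not optional.

```python
import secrets


def generate_pad(length: int) -> bytes:
    """Draw a fresh pad from the OS CSPRNG, as long as the message it will cover."""
    return secrets.token_bytes(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    """XOR the message with the pad.

    A pad shorter than the message would have to repeat, and a repeating
    pad is a stream cipher with a tiny key, not a one-time pad, so refuse it.
    """
    if len(pad) < len(plaintext):
        raise ValueError("pad shorter than message: not a one-time pad")
    return xor_bytes(plaintext, pad)


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    # XOR is its own inverse, so decryption is the same operation.
    return otp_encrypt(ciphertext, pad)


class PadStore:
    """Holds pre-shared pads and hands each one out exactly once.

    Hypothetical helper: the operational discipline ('never reuse') is the
    hard part of a one-time pad, so enforce it in code rather than by habit.
    """

    def __init__(self) -> None:
        self._pads: dict[str, bytes] = {}
        self._spent: set[str] = set()

    def add(self, pad_id: str, pad: bytes) -> None:
        self._pads[pad_id] = pad

    def take(self, pad_id: str) -> bytes:
        if pad_id in self._spent:
            raise KeyError(f"pad {pad_id!r} has already been used")
        self._spent.add(pad_id)
        return self._pads.pop(pad_id)


def pad_reuse_cancels(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """Why 'one-time' matters: if two messages share a pad, XORing the two
    ciphertexts cancels the pad and leaves p1 XOR p2, a value that depends
    only on the plaintexts. Returns True when that cancellation is observed.
    """
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    store = PadStore()
    store.add("pad-1", generate_pad(16))
    pad = store.take("pad-1")
    ct = otp_encrypt(b"meet at noon", pad)
    print(otp_decrypt(ct, pad))
```

The length check and the store are the whole point: the cipher itself is a single XOR, and every practical failure of a "one-time pad" system comes from the pad being short, predictable, or reused.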
• #### AES may be more flexible than that (Score:2)

The NIST appears to have opened themselves up to the possibility of having more than one algorithm under the AES umbrella. See their web site at http://www.nist.gov/aes for their current views. While still not saying that there WILL be more than one algorithm as part of the AES standard, they no longer make a blanket statement about "the" AES algorithm.

Previously the web site was pretty clear that AES was going to be a single algorithm. As Bruce notes, a family of algorithms might be more practical, though in the past NIST was not open to that suggestion.

-E

• #### Re:Mistake in the quantum answer (Score:1)

And with enough qubits, the problem of breaking a public key goes from being exponentially hard to being soluble in polynomial time. Real, large-scale quantum computers could well kill public-key cryptography forever, forcing us to instead concentrate on secure systems for distributing private keys.
• #### Re:A little confidence.. (Score:1)

Don't forget that much simpler methods of invading privacy exist. The best crypt, OS, etc, amount to very little if there was a camera recording as you typed your pass phrase or you were being otherwise monitored. Government agencies have vast powers to exert when they really want to know something. I have little doubt that in general your friend is correct.

Just don't think that every attack is computational.

pth
My name is not spam, it's patrick
• #### Re:wmnetselect (offtopic) (Score:1)

You can cut-n-paste urls into any netscape window just like any other app. -- as long as you don't middle-click a hyperlink :-)
• #### Re:Humans as storage for crypto material (Score:1)

The problem with this idea is that it doesn't actually enlarge the effective keyspace. It could be effective against someone trying to attack *your* entropy, but becomes less so when someone is trying to attack *everyone's* entropy. To put it another way, you can do a dictionary attack against a password, and that may be effective. With a workload scheme, you feed your dictionary into the workload function *once* and create a new dictionary, which may be a bit larger than your original, but has the same odds of success.

The more people who use the same function, the more economical it is to do this.
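The argument in this post, as an added example in Python (not code from the post or the interview): a workload function applied to a constructed dictionary yields a new dictionary of exactly the same size, and when every account uses the same function with no per-account input, that stretched dictionary is built once and serves every account. The example goes one step past the post by also showing the standard mitigation, a per-user salt, which forces the stretching to be redone per account. PBKDF2-HMAC-SHA256 stands in for the unspecified workload function (my assumption), the iteration count is kept small so the demo runs quickly, and the account names and dictionary words are constructed sample data.

```python
import hashlib
import secrets

# Small iteration count so the demonstration runs in well under a second;
# real deployments use far more, since the constant factor per guess is the
# only thing the scheme buys.
ITERATIONS = 1000

# Constructed sample data: a tiny dictionary and three toy accounts.
WORDS = [b"password", b"letmein", b"qwerty"]
ACCOUNTS = {"alice": b"letmein", "bob": b"password", "carol": b"Tr0ub4dor&3"}


def workload(password: bytes, salt: bytes) -> bytes:
    """The 'workload' (key-stretching) function; PBKDF2 is an assumed choice."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)


def stretched_dictionary(words, salt: bytes) -> dict:
    """Feed a dictionary through the workload function once.

    The result has exactly as many entries as the input: stretching raises
    the cost per guess, it does not add entries (keyspace) to the dictionary.
    """
    return {workload(w, salt): w for w in words}


def make_store(accounts: dict, per_user_salt: bool) -> dict:
    """Build a toy credential store: user -> (salt, stretched password).

    With per_user_salt=False every account shares the empty salt, which is
    the situation the post describes.
    """
    store = {}
    for user, password in accounts.items():
        salt = secrets.token_bytes(16) if per_user_salt else b""
        store[user] = (salt, workload(password, salt))
    return store


def guessing_cost(store: dict, words) -> tuple:
    """Cost model for testing every dictionary word against every account.

    Returns (accounts whose stored value matched a dictionary word, number of
    workload() calls needed). A stretched dictionary is cached per salt, so
    with a shared salt it is built once for all accounts, and with per-user
    salts it must be rebuilt for each account.
    """
    calls = 0
    matched = {}
    cache = {}  # salt -> stretched dictionary
    for user, (salt, stored) in store.items():
        if salt not in cache:
            cache[salt] = stretched_dictionary(words, salt)
            calls += len(words)
        table = cache[salt]
        if stored in table:
            matched[user] = table[stored]
    return matched, calls


def compare() -> dict:
    """Run both configurations and report the workload() calls each costs."""
    _, shared_calls = guessing_cost(make_store(ACCOUNTS, False), WORDS)
    _, salted_calls = guessing_cost(make_store(ACCOUNTS, True), WORDS)
    return {"shared_salt": shared_calls, "per_user_salt": salted_calls}


if __name__ == "__main__":
    print(compare())
```

The numbers make the post's point concrete: with a shared function and no salt, the cost of covering every account is one pass over the dictionary regardless of how many accounts there are, which is exactly why "the more people who use the same function, the more economical it is". A per-user salt restores a full pass per account, while the size of the stretched dictionary stays the same either way.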
• #### Re:tech (Score:2)

If you are constantly broadcast on the Net, you are never alone. This has its vices, but it also has amazing virtues. ... Store cameras, street cameras, home cameras all make your world safer. If you are walking around constantly webcasting everything you see, then you are never going to be alone in a dark alley again. Sure, there are people dumb enough to attack you even if it means putting their face on the web: but a hell of a lot fewer than if it doesn't.

<shivers>

This reminds me of an especially poignant scene in a book I read (Moonwar, I think it was) where the leader of the lunar revolution witnessed the rape/murder of his female friend on Earth via VR. She wasn't alone, but it didn't save her either.

• #### Encryption re: best hacks (Score:1)

After reading this post on Cryptography, combined with the earlier posts on the Best hacks, where someone placed a backdoor into the login.c in Unix, I am wondering about the security of Linux and whether there could be backdoors floating around inside the kernel code, init.d or whatever.

Assuming there are some pretty intelligent computer scientists working on the low level code for Linux, I am wondering if someone has come up with a way of using GCC and source code to create a security breach. I mean, who the heck *are* Linus Torvalds, or Alan Cox? Sure they are now internet personalities, but could they also be somebody more insidious?

Just curious - not meant to be flamebait.